package c.x.jy.common.utils;

import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.http.client.config.RequestConfig;
import org.apache.http.conn.ClientConnectionManager;
import org.apache.http.conn.scheme.Scheme;
import org.apache.http.conn.scheme.SchemeRegistry;
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
import org.apache.http.conn.ssl.SSLSocketFactory;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContextBuilder;
import org.apache.http.ssl.TrustStrategy;  
//用于进行Https请求的HttpClient  
@SuppressWarnings("all")
public class SSLClient extends DefaultHttpClient{  
    public SSLClient() throws Exception{  
        super();
 //传输协议需要根据自己的判断　  
        SSLContext ctx = SSLContext.getInstance("SSLv3");  
        X509TrustManager tm = new X509TrustManager() {  
                @Override  
                public void checkClientTrusted(X509Certificate[] chain,  
                        String authType) throws CertificateException {  
                }  
                @Override  
                public void checkServerTrusted(X509Certificate[] chain,  
                        String authType) throws CertificateException {  
                }  
                @Override  
                public X509Certificate[] getAcceptedIssuers() {  
                    return null;  
                }  
        };  
        ctx.init(null, new TrustManager[]{tm}, null);  
        SSLSocketFactory ssf = new SSLSocketFactory(ctx,SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); 
        
       // sslSocketFactory(SSLSocketFactory sslSocketFactory,X509TrustManager trustManager);
        ClientConnectionManager ccm = this.getConnectionManager();  
        SchemeRegistry sr = ccm.getSchemeRegistry();  
        sr.register(new Scheme("https", 443, ssf));  
    } 
    
    

	//请求配置，设置链接超时和读取超时
	private static final RequestConfig config = RequestConfig.custom().setConnectTimeout(30000).setSocketTimeout(30000).build();
 
	//https策略，绕过安全检查
	private static CloseableHttpClient getSingleSSLConnection()throws Exception {
		//CloseableHttpClient httpClient = null;
		try {
			SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
				public boolean isTrusted(X509Certificate[] paramArrayOfX509Certificate, String paramString) throws CertificateException {
					return true;
				}
			}).build();
			SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext, SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
			//return HttpClients.custom().setDefaultRequestConfig(config).build();
			//2017 12 14修改，忘了绕过安全检查设置了，哈哈
			return HttpClients.custom().setSSLSocketFactory(sslsf).setDefaultRequestConfig(config).build();
		} catch (Exception e) {
			throw e;
		}
 
	}
     /**
      * 
      * @return
      */
	public static  CloseableHttpClient createSSLClientDefault() {
		try {
		SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, new TrustStrategy() {
		// 信任所有
		public boolean isTrusted(X509Certificate[] chain, String authType) throws CertificateException {
		return true;
		}
		}).build();
		SSLConnectionSocketFactory sslsf = new SSLConnectionSocketFactory(sslContext);
		return HttpClients.custom().setSSLSocketFactory(sslsf).build();
		} catch (KeyManagementException e) {
		e.printStackTrace();
		} catch (NoSuchAlgorithmException e) {
		e.printStackTrace();
		} catch (KeyStoreException e) {
		e.printStackTrace();
		}
		return HttpClients.createDefault();
		}
		
}